<?php 
	include_once("dataprovider.php");
	
	$user = $_POST["txtUsername"];
	$pass = $_POST["txtPassword"];
	
	$salt = "U" . $pass . "P";
	$h_pass = sha1($salt);
	
	$sql = "select _username from Users where _username='{$user}' and hex(_password)='{$h_pass}' and _active=1";
	$userlst = DataProvider::executeQuery($sql);
	if($userlst != false){
		if($row = mysql_fetch_array($userlst, MYSQL_ASSOC)){
			session_start();
			$_SESSION["logedUser"] = $row["_username"];
			//header("Location: index.php");
		}
	}
	header("Location: ../index.php");
?>